[ref. r30949620] Innova - Cyber Security Consultant

Position overview

The Cyber Security Incident Response Team is a centralized security service, responsible for managing cybersecurity incidents within the group.

The team is responsible for delivering all relevant services to mitigate an incident as quickly and efficient as possible and to keep (higher) management updated on the progress.

As a SIEM analyst in CSIRT you are responsible for creating and improving monitoring use cases for the various log sources that are onboarded in the SIEM.

A strong set of data analytics skills are required for this function.

Your main objective is to come up with actionable use cases in a security monitoring context that improves the visibility of the environment.

What you'll do

You work actively together with the application and engineering teams on log ingestion tasks.

You validate the content of the ingested logs at the SIEM.

You actively collaborate with our Cyber Defense Center and threat intel team to create and improve existing monitoring use cases.

You represent CSIRT in meetings with application stakeholders to make sure the right logs are selected and obtained by CSIRT.

You create dashboards and reports.

You support the blue team in their response to red team exercises.

What you bring

Bachelor's degree in Computer science/Information security or equivalent combination of education and experience

You have in-depth knowledge of the security aspects of Windows, Linux, internet technology and network protocols

Similar experience within a telecommunications environment and technologies is considered of high value

Experience with Splunk Enterprise Security is mandatory

You have knowledge of a query language (KQL, SPL..)

Experience within a SOC environment is considered of high value

Experience with public cloud (Azure, GCP, AWS..) is considered of high value